Exam CSSLP topic 2 question 21 discussion

Actual exam question from ISC's CSSLP
Question #: 21
Topic #: 2

Which of the following phases of the DITSCAP C&A process is used to define the C&A level of effort, to identify the main C&A roles and responsibilities, and to create an agreement on the method for implementing the security requirements?

  • A. Phase 1
  • B. Phase 4
  • C. Phase 2
  • D. Phase 3
Suggested Answer: The Phase 1 of the DITSCAP C&A process is known as Definition Phase. The goal of this phase is to define the C&A level of effort, identify the main C&A roles and responsibilities, and create an agreement on the method for implementing the security requirements. Answer: C is incorrect. The Phase 2 of the […] incorrect. The Phase 4 of the DITSCAP C&A process is known as Post Accreditation.

Comments

74gjd_37
5 months, 2 weeks ago
Selected Answer: A
In the DITSCAP C&A process, Phase 1 (Definition) is used to define the system and its security requirements. Phase 2 (Verification) involves testing and evaluating the system's security controls. Phase 3 (Validation) verifies that all security controls are implemented correctly. Phase 4 (Post Accreditation) involves ongoing monitoring and maintenance of the system. So based on the options provided in your question, it appears that "Phase 1" would be the correct answer as it relates to defining roles & responsibilities for implementation of security requirements.
upvoted 1 times
74gjd_37
5 months, 2 weeks ago
The DITSCAP (Department of Defense Information Technology Security Certification and Accreditation Process) is a risk management process developed by the US Department of Defense (DoD) to provide a standard process for certifying and accrediting information systems that handle sensitive or classified information. This includes systems such as military command-and-control, logistics, finance, personnel, and intelligence systems.
upvoted 1 times
74gjd_37
5 months, 2 weeks ago
The purpose of the DITSCAP C&A process is to ensure that these information systems meet defined security requirements before they are put into operation. It involves six phases:
  • Definition - define the system and its security requirements
  • Verification - test and evaluate the system's security controls
  • Validation - verify that all security controls are implemented correctly
  • Post Accreditation - ongoing monitoring and maintenance of the system
  • Reaccreditation - periodic review to ensure continued compliance with security requirements
  • Decommissioning phase
upvoted 1 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other